Information Security Policy

Information Security Policy:

Information is one of the most important elements of business management at the Central Bank of Libya. Information systems, databases, and communication networks of the world have become the basis for the banking sector from the industrial age to the new current age of technology. Information security is at the core of the Central Bank which plays an important role in the protection of assets, interests and information. Initiated by the Governor of the Central Bank of Libya in 2008, the CBL has adopted a plan based on international standards to upgrade the protection of privacy information and assets using technical and human resources.

Password Management: The establishment of the passwords and other security related responsibilities.

Physical and environmental security: Identifying facilities to protect and prevent unauthorized access, information theft, equipment theft and disruption of work or eavesdropping. Also, protecting infrastructure equipment such as fire equipment and air conditioners.

E-Mail Security: The establishment of protocols to protect E-mails and databases. Email is the largest distributor of viruses and spam which needs mechanisms and procedures to make sure data is not corrupted or stolen. Item No.

Upgrade Encryption: To upgrade and maintain the confidentiality, creditability, and integrity of the information using the latest encryption software.

Remote Access: Establishment of security precautions and mechanisms to be taken to prevent access to the bank’s internal network using remote access.

Systems development and maintenance: Analyze, maintain and upgrade the current system in place to ensure building security. The mechanisms focus on peacekeeping, security, encryption, data and configuration.

Antivirus: Analyze the procedures and software for anti-virus and anti-spam software.

Network Security Monitoring: Allow limited access to the information network through the development of a separate network to the public. This network is separated from the internal network to help protect it from malicious attacks.